stas Fri, 04 Dec 2009 01:21:32 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=291681
Log: protect http_session_vars from interrupt corruption improve save_path check Changed paths: U php/php-src/branches/PHP_5_2/ext/session/session.c U php/php-src/branches/PHP_5_3/ext/session/session.c U php/php-src/trunk/ext/session/session.c Modified: php/php-src/branches/PHP_5_2/ext/session/session.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/session/session.c 2009-12-03 23:26:46 UTC (rev 291680) +++ php/php-src/branches/PHP_5_2/ext/session/session.c 2009-12-04 01:21:32 UTC (rev 291681) @@ -1817,8 +1817,11 @@ } IF_SESSION_VARS() { - HashTable *ht = Z_ARRVAL_P(PS(http_session_vars)); + HashTable *ht; + SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars)); + ht = Z_ARRVAL_P(PS(http_session_vars)); + if (PG(register_globals)) { uint str_len; char *str; @@ -1899,7 +1902,10 @@ } convert_to_string_ex(p_name); - PS_DEL_VARL(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name)); + IF_SESSION_VARS() { + SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars)); + PS_DEL_VARL(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name)); + } RETURN_TRUE; } Modified: php/php-src/branches/PHP_5_3/ext/session/session.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/session/session.c 2009-12-03 23:26:46 UTC (rev 291680) +++ php/php-src/branches/PHP_5_3/ext/session/session.c 2009-12-04 01:21:32 UTC (rev 291681) @@ -693,11 +693,11 @@ p = new_value; } - if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + if (PG(safe_mode) && *p && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { return FAILURE; } - if (PG(open_basedir) && php_check_open_basedir(p TSRMLS_CC)) { + if (PG(open_basedir) && *p && php_check_open_basedir(p TSRMLS_CC)) { return FAILURE; } } 
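Review bot: The `SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars));` call added at the top of the `IF_SESSION_VARS()` block at -1817 has no comment explaining why the array must be separated before `ht` is taken. Without one, a later cleanup could fold the declaration and assignment of `ht` back together and, presumably, bring back modification of a shared array in place. I would add `/* separate $_SESSION first so ht points at our own copy before it is modified */` above the call. The same applies to the hunk at -1899 in this file, the hunks at -1882 and -1960 in PHP_5_3, and the hunk at -1817 in trunk. The enclosing function starts and ends outside the hunk.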
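Review bot: With `*p &&` added to both conditions at -693, an empty save_path now skips the safe_mode uid check and the open_basedir check entirely, and nothing in the hunk says which directory is used in that case or where it is validated. If the save handler substitutes a default directory for an empty path (not visible here), that resolved directory should be the one checked against open_basedir; otherwise the restriction holds only for explicitly configured paths. At minimum add a comment such as `/* empty save_path: the handler picks its default directory, which must be checked where it is resolved */`. The `*p` test also assumes `p` is never NULL, which depends on `new_value` being set outside the hunk. The trunk hunk at -569 adds the same guard.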
@@ -1882,8 +1882,11 @@ } IF_SESSION_VARS() { - HashTable *ht = Z_ARRVAL_P(PS(http_session_vars)); + HashTable *ht; + SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars)); + ht = Z_ARRVAL_P(PS(http_session_vars)); + if (PG(register_globals)) { uint str_len; char *str; @@ -1960,7 +1963,10 @@ return; } - PS_DEL_VARL(p_name, p_name_len); + IF_SESSION_VARS() { + SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars)); + PS_DEL_VARL(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name)); + } RETURN_TRUE; } Modified: php/php-src/trunk/ext/session/session.c =================================================================== --- php/php-src/trunk/ext/session/session.c 2009-12-03 23:26:46 UTC (rev 291680) +++ php/php-src/trunk/ext/session/session.c 2009-12-04 01:21:32 UTC (rev 291681) @@ -569,7 +569,7 @@ p = new_value; } - if (php_check_open_basedir(p TSRMLS_CC)) { + if (*p && php_check_open_basedir(p TSRMLS_CC)) { return FAILURE; } } @@ -1817,8 +1817,11 @@ } IF_SESSION_VARS() { - HashTable *ht = Z_ARRVAL_P(PS(http_session_vars)); + HashTable *ht; + SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars)); + ht = Z_ARRVAL_P(PS(http_session_vars)); + /* Clean $_SESSION. */ zend_hash_clean(ht); }
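Review bot: The new call `PS_DEL_VARL(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name));` in the hunk at -1960 looks copied from the PHP_5_2 change and does not match this branch. The removed line passed `p_name` and `p_name_len` directly, which suggests `p_name` is a plain `char *` here rather than a `zval **`, so the `_PP` accessors would fail to compile or would treat string bytes as a zval. Keep the original arguments inside the new block: `PS_DEL_VARL(p_name, p_name_len);`. The declaration of `p_name` is outside the hunk, so confirm against it.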